Modern communication services have evolved around advancements made in data networking technologies. Data transport is one form of such commercially offered communication services, whereby customers (or subscribers) have a need to communicate with one another, access applications on a host computer or otherwise transfer data from one point to another. Further, these users typically require access to the global Internet with its vast knowledge base and applications. The popularity of data services has spawned the fraudulent usage of such services, akin to theft of long distance telephony services. Conventional fraud detection techniques have centered around telephony systems, and thus, are not well suited to fraud prevention in data communication systems, which exhibit different characteristics from that of circuit switched voice calls.
Service providers recognize the advantage of using the existing telephony infrastructure to provide ready access to data services. In many instances, users particularly when not at their offices do not have readily available access to the corporate local area network (LAN), corporate intranet, or the Internet. Given the modern day reliance on e-mail and the Internet, these business users require access to such resources from various locations throughout the world. To address this demand for remote access, service providers have implemented so-called “dial-up services,” whereby a user may access a data network by a using, for example, a modem through a telephone connection. In this manner, a user may obtain a connection to the data network anywhere a reliable telephone connection is available.
One common example of dial-up access is the manner in which many residential and small business users access the Internet by subscribing to an Internet Service Provider (ISP). A user with a computer and a modem can dial a telephone number corresponding to the service provider and obtain a connection through the service provider to the Internet. In a similar manner, other dial-up access services have been known by which host computers may be directly dialed. Types of data transport that may be accessed in this manner include, for example, an International Telecommunications Union (ITU) X.25-compliant packet transport, Internet Protocol (IP) transport, or other forms of packetized communications. In most cases, service providers charge fees to users for using the communications resources of the service provider and possibly for accessing a particular host or service.
Another example of dial-up services relates to virtual private networks (VPNs). For a business enterprise having many geographically dispersed locations and having sporadic communications needs, it can be cost effective to subscribe to or utilize dial-up access to a data network rather than lease a dedicated line. For example, as employees of a business travel, dial-up access provides wide coverage and increases the likelihood that a traveler can reach needed resources and services of the back office. Additionally, dial-up access is useful for occasional work-at-home situations.
Unfortunately, the convenience of access to data services has also stimulated fraudulent usage, resulting in significant loss of revenue for the service provider. Fraud perpetrators gain access to the transport network to reach specific hosts and then use the services of the host. These “hackers” can breach the security of the information on the host, and interfere with the operation of the host or attempt other forms of attacks. Fraud is also committed to gain free access to the Internet or simply to provide data transport without incurring charges, leaving paying users to bear the costs. Further, such unauthorized access (or usage) can overwhelm network resources, even to the point of interfering with legitimate communications.
Fraud detection and redress are also complicated by the intricate interplay of multiple service providers and their partnership arrangements. For instance, in some areas (notably some countries), a given service provider may not have a point of presence that is reachable by a local telephone call. To better serve subscribers over a wide area of coverage, a service provider will often contract with an intermediate service provider to extend coverage to areas or countries not directly covered by the primary service provider. The subscriber conducts communications through the primary service provider by way of the intermediate service provider's facilities, wherein the primary service provider provides compensation to the intermediate service provider at an agreed upon rate. The intermediate service provider's network is thus referred to as a “partner network” relative to the primary service provider's resources.
Undoubtedly, when one or many fraud perpetrators gain access to network resources, the results are costly both for the service provider and the customer. A customer (such as a large organization or enterprise) may fail to notice charges caused by fraudulent use and unwittingly pay for the use by the fraudster. In another scenario, the costs incurred by the fraudster may be so exorbitant that the customer refutes the bill and the service provider is left to absorb the lost revenues or reach a compromise with the customer over the disputed billing. As a further detriment, for fraudulent traffic originating through a partner network, the first service provider may be obligated to compensate the second service provider even though the first service provider cannot collect charges arising from the fraudulent use of the network. Additionally, excessive fraud can impact the reliability and/or quality of the network (e.g., saturation of network resources, etc.). The service provider may also face loss of customers, who perceive that the service provider is incapable of providing ample network security or cannot properly address abuse.
Therefore, fraudulent abuse of network resources consumes time and money of customers and service providers and may threaten the operation of the network. As a further exposure to the service providers as described above, a given service provider experiencing fraud may have to pay settlements to other service providers to whom payment is owed, regardless of the fraudulent nature of the traffic.
Therefore, there is a need for early detection and prevention of fraud with respect to data communication services.